Page created: 24 Jul 2019
|
Page updated: 8 Feb 2022
The following subsections are examples of using the adapter's issuance criteria to restrict authorizing users to accessing protected resources.
Restrict users based on device ownership
- From the PingFederate home screen, navigate to your configured MobileIron adapter.
- Select Adapter Contract Mapping, then Configure Adapter Contract to access the adapter's attribute mapping summary screen and Navigate to the Issuance Criteria subheader.
- For Source select
adapter
- For Attribute Name select
Ownership
- For Condition select
not equal to
- MobileIron's device API returns one of three values for ownership:
-
COMPANY
for Corporate owned devices -
EMPLOYEE
for Employee owned devices -
UNKNOWN
Select which type device ownership complies with your business practices and click Add, Done twice, then Save.
-
Restrict users based on device operating system
- From the PingFederate home screen, navigate to your configured MobileIron adapter.
- Select Adapter Contract Mapping then Configure Adapter Contract to access the adapter's attribute mapping summary screen. Navigate to the Issuance Criteria subheader.
- For Source select
adapter
- For Attribute Name select
os
- For Condition select
not equal to
- MobileIron's device API returns different values for device operating systems.
-
IOS
-
ANDROID
-